Hi Greg, I took on NPF few months ago and there has been some work done. Will commit them to trunk soon for the next releases. I would be committing them to source soon. Also preparing a Gsoc student for NAT64 work and also ftp-proxy forward support if done with NAT64. Finishing up some RFC security mitigations as well and hopefully add Layer 2 filtering before the next NetBSD release.
Concerning the manual, please can you give me few pointers there so I can add that to my task list. > On 1 Apr 2025, at 12:28 PM, Greg Troxel <g...@lexort.com> wrote: > > I am running npf on many systems and in the process of setting up NAT on > one npf system and converting a different-firewall system to npf. As > part of this I am having a number of minor issues and finding the > documentation to be not clear enough. This note is only about the meta > issues. > > I see that npf is simply in the NetBSD tree as if native, and not in > external, in sys/net/npf and usr.sbin/npf and a few other places. But, > src/usr.bin/npf/README points to https://github.com/rmind/npf/ as > upstream. There are some recent commits, but it doesn't really seem > actively maintained; there are only two newer than 3 years, and they > looked pushed from NetBSD. > > Do people believe that npf in NetBSD-current matches the github > repository? > > Asking if npf is any system other than NetBSD: > > It looks like it is in FreeBSD. Do they view NetBSD or github as > upstream or if we push changes to github maybe that's a distinction > without a difference. > > I don't find it elsewhere. (There was an April Fools announcement > that it was committed to OpenBSD, and it's coincidence that today is > April 1....) > > > In addition to the man pages in NetBSD, similar content appears at > > https://rmind.github.io/npf/ > > but it's not entirely clear how that documentation relates to what is in > NetBSD, or even if it's up to date with the npf repository on github. > Ideally all such doc content would be part of npf, and installed in > /usr/share/doc/npf, so that it's available with the system, offline, at > least to the extent that a user would benefit from reading it. > > I find in NetBSD-current: > > ./lib/libnpf/libnpf.3 > ./usr.sbin/npf/npfd/npfd.8 > ./usr.sbin/npf/npf.7 > ./usr.sbin/npf/npf-params.7 > ./usr.sbin/npf/npfctl/npf.conf.5 > ./usr.sbin/npf/npfctl/npfctl.8 > ./share/man/man4/npflog.4 > > but Emmanuel
